Soucek had reported the issue to Apple team in January, but unfortunately he didn't get any response from Apple. Apple security team had also not confirmed the security bug till yet.
Soucek says -
Soucek had published his tools on GitHub and says it is a better phishing tool than using a form directly within a HTML email because it targets only users of the iOS app and allows changes to be made to already live phishing campaigns.
You can also check the POC demonstration of the Mail.aap in a video
Last time, iCloud hacked was headlines for several media, where thousands of celebrities private photos were leaked under a campaign called "The Fappening "